When PHP turned 20, the core developers presented us with a really nice birthday present: version 7, released in December 2015. Today, PHP 7 is being used in production by a growing number of companies. This day will get you ready for PHP 7, in all aspects.
Sebastian Bergmann, creator of PHPUnit, will take you on a tour through the history of the PHP project. Find out where PHP originates from, and how it became one of the most widely used programming languages in the world. Why is there no PHP 6, and which crucial role did Facebook play?
Arne Blankerts, security and infrastructure expert, will go in-depth about the installation and deployment of the PHP software stack. He will make the point why LAMP is no longer en vogue, and introduce you to some state-of-the-art alternatives.
Stefan Priebsch, a leading PHP consultant and coach, will show you how to get your codebase ready for PHP 7. How can you leverage new features in legacy projects without having to rewrite everything from scratch? To prepare you for the big migration, common pitfalls will be covered, and you will get to know pragmatic solutions.

Animation is a powerful design tool that we too often ignore. When used well motion can engage, communicate and improve interactions. That’s the kind of animation we want in our work: animation that has both purpose and style. Carefully crafting these moments makes our work more memorable and enjoyable to use. In this session we’ll discuss where animation can best inform UX and how to build more sophisticated animated interactions on the web.

Practical lessons learned while revamping a US airline website to resist huge Black Friday and Cyber Monday traffic values. Using HTTP status codes and PHP cleverly, we have made parallel requests possible, so that the user experience is greatly enhanced, and we pre-cache resource-consuming user searches. All on a solid PHP foundation.

For larger-scale software, building a distributed, event-driven system just makes sense. But how to get there? Usually, the status quo is a big, monolithic piece of legacy software that we just cannot ignore. From the viewpoint of a consultant who, for several years, has helped clients to move away from legacy systems (and thinking), this talk gives deep insights into challenges, solutions, and attempted solutions. We will discuss what has worked, and what did not work, and discuss lessons learned.

PHP’s stateless execution model is still based on the mechanics of CGI: request in, response out. This simplicity also means overhead on each request from frameworks starting up; applications also cannot interact with the request body during transmission, e.g. for streaming the body or handling upgrades to Web Sockets. That’s why all other web languages now offer production ready web servers implemented purely in each language: Jetty, Puma, Gunicorn and friends use a modern process model and standardized middleware protocols. PHP 7 finally brought some necessary engine changes like catchable fatal errors, so there now is no longer a need for Apache or nginx: event based HTTP components from projects like ReactPHP or Icicle, brought together by a server like Aerys or PHP-PM, start a framework once, and handle requests in a loop. The result is a massive gain in performance especially with frameworks like Symfony, and the potential for new features that previously were not possible with an external web server in front of an application. Let’s explore the current state of affairs, the solutions other programming languages found, and the bright new future that's ahead for PHP, which, as always, will require sacrifices to be made.

The service container – or dependency injection container – is the core concept in the heart of the Symfony framework. It allows us to properly model the logic of our business, building decoupled services and helping our projects grow in a natural and elegant way. Often left out in a first approximation to Symfony, dependency injection is a key topic that needs to be mastered to fully unleash the framework’s potential.

Agencies are facing special challenges and problems in their day-to-day business when dealing with a great diversity of projects, customers, businesses and technologies. In my talk, I will give an overview of the challenges, which actors are involved, what particular problems can occur etc. To tackle all this is a great challenge, especially for operations. I will give an insight in the "evolution" of our agency and show our current technical approaches, e.g. a Docker-based CI-pipeline with GitLab and Kubernetes.

One of the most difficult challenges in a developers life is finding the "right" abstraction, or at least the best one given the current circumstances. The core problem is that abstraction is a bet on the future development of the software and we know that future is volatile. I will dicuss different environments of software development and we find a base for you to decide when and what to abstract.

One of the largest risks and highest costs in any project is the act of deployment. By following O.C.D. principles, you can achieve new levels of efficiency and security that positively impacts your entire organization. This session also examines how OCD principles can be extended beyond deployment to upstream development processes and the velocity and efficiency improvements this can bring.

Contrary to popular belief, no code is untestable. Sure, writing unit tests for well-crafted code that follows the SOLID principles is easy. But what about legacy code residing in some god class with implicit dependencies and no separation of concerns? We will show you that it is possible to write tests for even the worst code by explaining the why, the what, the how, and the when of software testing while looking at real-world examples.

Did you ever have to maintain a fifteen year old application? Dead code everywhere, database queries in between HTML tags and some pages still in PHP 3. This strategy-level presentation will lead you through a progressive rewrite from very old legacy to the latest shiny version of PHP. Learn how to automate legacy testing, how to seamlessly jump between the old and new parts, and how to overcome other challenges that arise from dealing with legacy.

Built around the HTTP specification, Symfony components provide a rock solid foundation for building RESTful APIs, whether we are using the full framework or not. In this session we will dig into those components, showing how to successfully deal with problems such as adapting our models to the desired representations back and forth, how to validate the incoming data, or how to implement our authentication strategies. Furthermore, we will see which additional tools do we have when using the full framework, as well as some tips and tricks to effectively test our APIs. All of it from a practical approach based upon real use cases.

BuzzBuzz everywhere: Innovation, Digitalization, Agile Transformation – for quite a few of us this buzzing has become a sort of background noise that we try to ignore. But can we? A lot of people think that the social, economic and technological upheavals we are facing now are greater than those triggered by the invention of the steam engine. And for quite a few companies it has become a matter of survival – survival in a world where the tried and trusted ways of doing things no longer seem to work. Linda Rising and Mary Lynn Manns wrote “Fearless Change”. The patterns that they here present give drivers of change a compass to help them find a path through the unknown and unknowable terrain of our changing world. This talk gives an introduction to these change patterns.

Everyone is talking about containers; or more specifically: Docker. But even though Docker has much credit in bringing containers to our attention and shaping the ecosystem to use them, container technology has been there for decades. So, what's the deal with containers? Should I even care? And what's beyond Docker and containers?

Starting to write an API is an easy task, but you quickly stumble upon many obstacles and hard decisions. How to manage result pagination and input errors? How to handle write operations and file uploads? Join me as I share my tricks that allowed me to ship high-profile projects in record time while keeping the code clean and maintainable.

PHP 7.0 was released one and a half years ago, PHP 7.1 was released half a year ago, and PHP 7.2 will be released later this year. It is high time to have a critical look at the PHP 7 ecosystem. How stable is PHP 7? How wide-spread is its usage in the wild? Have standard solutions, frameworks, libraries, and tools caught up with the new generation? In this session you will learn everything you need to know about the state of PHP 7.

"That's not possible. You need a native app!" But is this true? What features could a web application provide without being a native app? I'll show the actual state of Web APIs, what APIs exists and how to use them. I'll show what your browser is able to do besides layout and showing data. From CSS3 animations over push notificatiosn to Bluetooth. Your browser is capable doing things you would expect from native applications - using open standards!

Microservices architectures are all the hype at the moment we have seen a lot of green-field projects starting with a Docker-based microservices setup from the start, causing unnecessary complexity and slowdowns for the dev team. In this talk we want to argue against the current Zeitgeist and convince you that starting with a Monolith first is always the better choice. We will discuss benefits and downsides of Monolith vs Microservice systems, how to migrate from one to the other when the need arises and throw in some real-life experiences we had over the years.

Building and maintaining an e-commerce platform that serves hundreds of millions of customers over multiple regions is certainly a great challenge. Doing it all in a manner that’s both pragmatic and effective – even more so. Our story at Wayfair Engineering is not a glamorous one of clouds, but instead one of grit, rolling your sleeves, iterating and innovating in a high-volume, high-concurrency, always-evolving environment. We’d like to revisit with you some of our achievements in building a platform that allows us to serve our many customers "A Zillion Things Home", while at the same time looking to the future.

CQRS and event sourcing are currently very popular topics in the PHP community, with good reason. However, most blogs and talks focus on the theory, simple applications or introductions to one of the frameworks currently available, not necessarily the challenges of using and maintaining it in production.
This session bridges that gap and looks at some of the pitfalls of a real-world deployment. I'll discuss topics like concurrency and scale, refactoring events and updating read models. Attend this talk to learn from my experiences and be better prepared when you face these challenges.

Once you created your new website or webapp you're pretty happy to finally release it into production. But do you know if you can handle the load if your site is mentioned on Hacker News or TechCrunch? Did you forget to load test your site? Or are you in pre-production and looking for load testing before going live?
This talk is showing you all the open source tools to load test your site, shows you useful scenarios and gives you introductions to utilize the load from different clouds. Whether you have an OpenStack cloud at your hands (awesome, more Open Source m/) or you're using Amazon or Google cloud. All are covered.

There are two big discussions in the world of programming: tabs vs. spaces and statically-typed languages vs dynamically-typed. TypeScript is Microsoft’s approach to add a stronger type system to JavaScript while making both camps happy. Let's not jump into the never-ending debate to what the better approach is, but instead focus on when you should use TypeScript, why Angular2 decided to use it and how you can start using TypeScript in your projects today.

It's a situation many of us are familiar with: a large legacy, monolithic application, limited or no tests, slow and manual release process, low velocity, no confidence... A lot of refactoring is required, but management keeps pushing for new features. How to proceed? Using examples and lessons learned from a real-world case, I'll show you how to replace a legacy application with a modern service-oriented architecture and build a continuous integration and deployment pipeline to deliver value from the first sprint. On the way, we’ll take a look at the process, automated testing, monitoring, master/trunk based development and various tips and best practices.

Tracking of business processes in Legacy Code, monitoring of individual (Micro)services or supervision of event processing. The daily business gives a DevOp several possibilities to record procedures and processes. You are bored of plain log file entrys and would rather watch colorful pictures and graphs? In this session I will give you an overview of solutions in productive operation in the daily DevOp business at FLYERALARM – from self-made visualisations on a Raspberry Pi to recommendations of used software.

Granted, back in the days setting up SSL/TLS on your webserver was an annoying and cumbersome task: Remembering all those command line options for OpenSSL to generate an actually secure private key and appropriate signing request, choosing the least expensive yet widely accepted certificate authority (CA) and even after finally getting the certificate you're still not done as the latest security problem requires tweaking your webserver's configuration. Luckily, things changed. In 2017, setting up a secure webserver doesn't have to be hard and certificates are free. So let's get started!

Microservices architectures have emerged from a sophisticated concept to a broadly adopted pattern during the past years, so it is safe to say that they will stick around at least for the next couple of years.
But as we all know, no solution fits every problem. Based on real-world examples we will have a look at best practices and the pitfalls you can easily run into as well as at the implications Microservices can and should have on development teams, so you can decide for yourself if they are suitable for your projects.

Names like Siri and Alexa are increasingly popular, but Shazam has been a verb to smartphone users since the launch of the iPhone in 2007. This keynote will explore the role of audio recognition in smart advertising which allows consumers to engage traditional media formate and music like never before.

Most of the time developers do not write new code, but adapt existing code. In grown environments even small adaptions to existing code tend to have side effects on the full system without anyone knowing. We identify the most important issues when working with legacy code and show strategies to refactor them out without breaking the application. After this session you will be more comfortable working with legacy code and make your project turn around to the better.

Tokens are widely used to identify resources and try to add some security to insecure environments, but sometimes the management of those identifiers can get a bit complex - even more on distributed systems. What if we could have an intelligent token, one that simplifies the way things works without losing integrity or security?
In this talk we present JSON Web Tokens as an alternative for smart and self contained tokens, explaining how to use each claim and giving some common use cases.

It's 2017 and times have changed – yet PHP is still most often associated with your average product catalogue or blogging platform. In this talk you will learn that PHP's huge ecosystem has way more to offer and PHP is not inferior at all to its evil cousin Node.js. You will learn about the core concepts of async PHP and why you too should care about ReactPHP being a real thing. The talk has a strong focus on sparking the idea that PHP can be way faster and more versatile than you probably thought. Bring along an open mind and through lots of examples and demos learn why what sounds crazy at first might soon be a valuable addition in your toolbox.

We never get it right the first time. So we refactor. But how can we refactor legacy code, when there are no automated tests (or not enough, at least) to make sure that we do not break things? Turns out that you
can: using characterization tests, we can make sure that we do not inadvertenly modify the code's behaviour. This talk will introduce a methodology to refactor legacy code that has no automated tests. Rather than talking theory, we will work a hands-on with a code example.

Graph is a mathematical construct used to model the relationships between key/value pairs, comprises a set of vertices (nodes) and an arbitrary number of edges (lines) which connect them. There are many ways to implement graphs with PHP, from typical SQL solutions to dedidacted, powerful tools like Apache Giraph or Titan. In this talk I will introduce Neo4j, highly scalable and robust native graph database, used in mission-critical apps by thousands of leading start-ups, enterprises and governments around the world. We will also talk about managing nodes and traversing methods with PHP.

Kubernetes is an open source system for automating deployment, operations, and scaling of containerized applications. It’s one of the promising options you have for deploying your container-based applications to the Internet. In this session we’ll take a look at the concepts of Kubernetes and then go trough all steps necessary to launch and maintain a real-world PHP application in your own Kubernetes cluster.

Advertisements suggest that we are zenith of mankind’s scientific knowledge and technological power, but when it comes to IoT and the so called “Smart Home”, we are clearly not. In fact, we are in the middle of the dark age. In this talk, I will go deep in to the rabbit hole of todays “Smart Home” protocols, explain why device interoperability is a myth and tell you why the open source community is our only hope of having an secure and literally smart “Smart Home“ experience.

Mankind’s technological advancements allow us to do “more and more with less and less until eventually we can do everything with nothing”, as R. Buckminster Fuller predicted in 1938. This concept, “ephemeralization”, is especially evident in cloud computing, where infrastructure, platforms and software are now commodities. The effort required for their use is closing in on the nothing, and the capabilities they provide are, at the same time, bordering on the everything. This gradual disappearance of readily apparent complexity, and the accelerating returns afforded by our progress, is not limited to software. Throughout history, all aspects of the world's growth have been exponential. We humans tend to think very linearly, so we can usually only grasp change after it has already happened. So what does a future look like when we factor in that progress is exponential, and that there is no apparent upper limit on what we can collectively achieve?

It took several decades until the majority of software developers accepted one simple fact: we have no idea what we're doing. No matter how carefully we analyse all the requirements and no matter how detailed our spec sheets are, it is completely impossible to know what the user wants. Only after the system has been built we can find out what it should look like. A frustration chicken-or-egg problem.
Domain-driven Design enables us to find out sooner and more accurately what the real requirements are. But even with this powerful tool in your box, you still need to create an application in order to verify that you're on the right track. In this talk I will show you how by combining DDD with a component-based UI generator you can implement and test your well earned domain knowledge in almost negative time.

“Continuous attention to technical excellence and good design enhances agility.” – Principles behind the Agile Manifesto. Contrary to popular belief, agile architecture does NOT mean no architecture. Instead, agile architecture means being able to adapt, evolve and grow our architecture organically. In order for this to work, we need to be able to inspect and analyze our architecture at any given point in time. In this talk, we are going to make architecture fun again and bring our documentation back to live. We’ll have a look at tools which help us automate documenting our architecture and validating architecture constraints.

Microservices … New architectural style oriented on splitting monolithic codebase into set of small and independent applications built around specific business needs. Microservices might be very useful in some situations, but they also can introduce set of new problems to be solved, from designing to communication between microservices in production environment. During this session I’m going to introduce core concepts of microservices architecture, possible implementations using PHP, deployment strategies and running application in production environment. You will learn also about patterns in microservices world, building blocks for your next complex projects … All topics will be presented in code, on real PHP 7 application powered by microservices.

As PHP developers, our job is to build web applications. But how can we build applications that rely on networking if we don't know how these networks and the big network that connects them all (this thing called the Internet) actually work? In this tutorial, we walk through the basics of networking, before diving into all the essentials every PHP developer should know, from TCP/UDP over IP addressing (IPv4/6), source/destination ports, sockets, DNS, switching, firewalling and even more advanced protocols such as OSPF, VRRP and BGP. Prepare for an eye-opener when you realize how much a typical app relies on all of these (and many more) working flawlessly... and how you can prepare your app for failure in the chain.